suse-edge/Factory
SHA256
12
0
Fork 11
Code Issues Pull Requests3 Actions Packages Projects Releases Wiki Activity

Merge pull request 'Update MetalLB and all other packages around it' () from kzhelyazkov/Factory:update-metallb into main

Browse Source 
Reviewed-on: 
Reviewed-by: Denislav Prodanov <dprodanov@noreply.src.opensuse.org>
Reviewed-by: Steven Hardy <steven.hardy@noreply.src.opensuse.org>
This commit is contained in:
Kristian Zhelyazkov 2025-03-20 13:25:13 +01:00
commit b30ece6b61
32 changed files with 246 additions and 109 deletions

10
frr-image/Dockerfile

@ -1,7 +1,7 @@
# SPDX-License-Identifier: MIT
#!BuildTag: %%IMG_PREFIX%%frr:8.4
#!BuildTag: %%IMG_PREFIX%%frr:8.4-%RELEASE%
#!BuildVersion: 15.5
#!BuildTag: %%IMG_PREFIX%%frr:8.5.6
#!BuildTag: %%IMG_PREFIX%%frr:8.5.6-%RELEASE%
#!BuildVersion: 15.6
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
@ -15,11 +15,11 @@ FROM micro AS final
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="FRR Container Image"
LABEL org.opencontainers.image.description="frr based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="8.4"
LABEL org.opencontainers.image.version="8.5.6"
LABEL org.opencontainers.image.url="https://www.suse.com/products/server/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%frr:8.4-%RELEASE%"
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%frr:8.5.6-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%"
LABEL com.suse.eula="SUSE Combined EULA February 2024"

2
frr-k8s/_service

@ -2,7 +2,7 @@
<service name="obs_scm">
<param name="url">https://github.com/metallb/frr-k8s</param>
<param name="scm">git</param>
<param name="revision">v0.0.14</param>
<param name="revision">v0.0.16</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>

4
frr-k8s/frr-k8s.spec

@ -17,8 +17,8 @@
Name: frr-k8s
Version: 0.0.14
Release: 0.0.14
Version: 0.0.16
Release: 0.0.16
Summary: A kubernetes based daemonset that exposes a subset of the FRR API in a kubernetes compliant manner.
License: Apache-2.0
URL: https://github.com/metallb/frr-k8s

17
metallb-chart/Chart.yaml

@ -1,16 +1,15 @@
#!BuildTag: %%IMG_PREFIX%%metallb-chart:%%CHART_MAJOR%%.0.0_up0.14.9
#!BuildTag: %%IMG_PREFIX%%metallb-chart:%%CHART_MAJOR%%.0.0_up0.14.9-%RELEASE%
apiVersion: v2
appVersion: v0.14.3
appVersion: v0.14.9
dependencies:
- condition: frrk8s.enabled
- condition: crds.enabled
name: crds
repository: file://./charts/crds
version: 0.14.9
- alias: metallb-frr-k8s
condition: frrk8s.enabled
name: frr-k8s
repository: file://./charts/frr-k8s
version: 0.0.15
- condition: crds.enabled
name: metallb-crds
repository: file://./charts/metallb-crds
version: 0.14.8
version: 0.0.16
description: A network load-balancer implementation for Kubernetes using standard
routing protocols
home: https://metallb.universe.tf

16
metallb-chart/README.md

@ -1,6 +1,6 @@
# metallb
![Version: 0.14.8](https://img.shields.io/badge/Version-0.14.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.14.8](https://img.shields.io/badge/AppVersion-v0.14.8-informational?style=flat-square)
![Version: 0.14.9](https://img.shields.io/badge/Version-0.14.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.14.9](https://img.shields.io/badge/AppVersion-v0.14.9-informational?style=flat-square)
A network load-balancer implementation for Kubernetes using standard routing protocols
@ -16,8 +16,8 @@ Kubernetes: `>= 1.19.0-0`
| Repository | Name | Version |
|------------|------|---------|
| | crds | 0.14.8 |
| https://metallb.github.io/frr-k8s | frr-k8s | 0.0.14 |
| | crds | 0.14.9 |
| https://metallb.github.io/frr-k8s | frr-k8s | 0.0.16 |
## Values
@ -79,17 +79,17 @@ Kubernetes: `>= 1.19.0-0`
| prometheus.podMonitor.relabelings | list | `[]` | |
| prometheus.prometheusRule.additionalLabels | object | `{}` | |
| prometheus.prometheusRule.addressPoolExhausted.enabled | bool | `true` | |
| prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"alert"` | |
| prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"critical"` | |
| prometheus.prometheusRule.addressPoolUsage.enabled | bool | `true` | |
| prometheus.prometheusRule.addressPoolUsage.thresholds[0].labels.severity | string | `"warning"` | |
| prometheus.prometheusRule.addressPoolUsage.thresholds[0].percent | int | `75` | |
| prometheus.prometheusRule.addressPoolUsage.thresholds[1].labels.severity | string | `"warning"` | |
| prometheus.prometheusRule.addressPoolUsage.thresholds[1].percent | int | `85` | |
| prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"alert"` | |
| prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"critical"` | |
| prometheus.prometheusRule.addressPoolUsage.thresholds[2].percent | int | `95` | |
| prometheus.prometheusRule.annotations | object | `{}` | |
| prometheus.prometheusRule.bgpSessionDown.enabled | bool | `true` | |
| prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"alert"` | |
| prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"critical"` | |
| prometheus.prometheusRule.configNotLoaded.enabled | bool | `true` | |
| prometheus.prometheusRule.configNotLoaded.labels.severity | string | `"warning"` | |
| prometheus.prometheusRule.enabled | bool | `false` | |
@ -99,7 +99,7 @@ Kubernetes: `>= 1.19.0-0`
| prometheus.rbacPrometheus | bool | `true` | |
| prometheus.rbacProxy.pullPolicy | string | `nil` | |
| prometheus.rbacProxy.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/kube-rbac-proxy"` | |
| prometheus.rbacProxy.tag | string | `"v0.12.0"` | |
| prometheus.rbacProxy.tag | string | `"v0.18.0"` | |
| prometheus.scrapeAnnotations | bool | `false` | |
| prometheus.serviceAccount | string | `""` | |
| prometheus.serviceMonitor.controller.additionalLabels | object | `{}` | |
@ -122,7 +122,7 @@ Kubernetes: `>= 1.19.0-0`
| speaker.frr.enabled | bool | `true` | |
| speaker.frr.image.pullPolicy | string | `nil` | |
| speaker.frr.image.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/frr"` | |
| speaker.frr.image.tag | string | `"8.4.2"` | |
| speaker.frr.image.tag | string | `"8.5.6"` | |
| speaker.frr.metricsPort | int | `7473` | |
| speaker.frr.resources | object | `{}` | |
| speaker.frrMetrics.resources | object | `{}` | |

0
metallb-chart/charts/metallb-crds/.helmignore → metallb-chart/charts/crds/.helmignore

4
metallb-chart/charts/metallb-crds/Chart.yaml → metallb-chart/charts/crds/Chart.yaml

@ -3,8 +3,8 @@ appVersion: v0.14.9
description: MetalLB CRDs
home: https://metallb.universe.tf
icon: https://metallb.universe.tf/images/logo/metallb-white.png
name: metallb-crds
name: crds
sources:
- https://github.com/metallb/metallb
type: application
version: 0.14.8
version: 0.14.9

14
metallb-chart/charts/crds/README.md Normal file

@ -0,0 +1,14 @@
# crds
![Version: 0.0.0](https://img.shields.io/badge/Version-0.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.0](https://img.shields.io/badge/AppVersion-v0.0.0-informational?style=flat-square)
MetalLB CRDs
**Homepage:** <https://metallb.universe.tf>
## Source Code
* <https://github.com/metallb/metallb>
----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0)

40
metallb-chart/charts/metallb-crds/templates/crds.yaml → metallb-chart/charts/crds/templates/crds.yaml

@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.3
name: bfdprofiles.metallb.io
spec:
group: metallb.io
@ -123,7 +123,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.3
name: bgpadvertisements.metallb.io
spec:
group: metallb.io
@ -329,7 +329,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.3
name: bgppeers.metallb.io
spec:
conversion:
@ -365,6 +365,8 @@ spec:
- jsonPath: .spec.ebgpMultiHop
name: Multi Hops
type: string
deprecated: true
deprecationWarning: v1beta1 is deprecated, please use v1beta2
name: v1beta1
schema:
openAPIV3Schema:
@ -526,15 +528,26 @@ spec:
default: false
description: To set if we want to disable MP BGP that will separate IPv4 and IPv6 route exchanges into distinct BGP sessions.
type: boolean
dynamicASN:
description: |-
DynamicASN detects the AS number to use for the remote end of the session
without explicitly setting it via the ASN field. Limited to:
internal - if the neighbor's ASN is different than MyASN connection is denied.
external - if the neighbor's ASN is the same as MyASN the connection is denied.
ASN and DynamicASN are mutually exclusive and one of them must be specified.
enum:
- internal
- external
type: string
ebgpMultiHop:
description: To set if the BGPPeer is multi-hops away. Needed for FRR mode only.
type: boolean
enableGracefulRestart:
description: |-
EnableGracefulRestart allows BGP peer to continue to forward data packets along
known routes while the routing protocol information is being restored.
This field is immutable because it requires restart of the BGP session
Supported for FRR mode only.
EnableGracefulRestart allows BGP peer to continue to forward data packets
along known routes while the routing protocol information is being
restored. This field is immutable because it requires restart of the BGP
session. Supported for FRR mode only.
type: boolean
x-kubernetes-validations:
- message: EnableGracefulRestart cannot be changed after creation
@ -622,7 +635,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
peerASN:
description: AS number to expect from the remote end of the session.
description: |-
AS number to expect from the remote end of the session.
ASN and DynamicASN are mutually exclusive and one of them must be specified.
format: int32
maximum: 4294967295
minimum: 0
@ -649,7 +664,6 @@ spec:
type: string
required:
- myASN
- peerASN
- peerAddress
type: object
status:
@ -665,7 +679,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.3
name: communities.metallb.io
spec:
group: metallb.io
@ -730,7 +744,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.3
name: ipaddresspools.metallb.io
spec:
group: metallb.io
@ -940,7 +954,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.3
name: l2advertisements.metallb.io
spec:
group: metallb.io
@ -1120,7 +1134,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.3
name: servicel2statuses.metallb.io
spec:
group: metallb.io

23
metallb-chart/charts/frr-k8s/.helmignore Normal file

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

6
metallb-chart/charts/frr-k8s/Chart.lock Normal file

@ -0,0 +1,6 @@
dependencies:
- name: crds
repository: ""
version: 0.0.16
digest: sha256:b54ee64c5e61f1dd38e89efc87ebd1e36cdb7c4dd7c897d9985040dccd713dba
generated: "2024-11-22T11:40:47.152053909+01:00"

9
metallb-chart/charts/frr-k8s/Chart.yaml

@ -1,5 +1,10 @@
apiVersion: v2
appVersion: v0.0.14
appVersion: v0.0.16
dependencies:
- condition: crds.enabled
name: crds
repository: file://./charts/crds
version: 0.0.16
description: A cloud native wrapper of FRR
home: https://metallb.universe.tf
icon: https://metallb.universe.tf/images/logo/metallb-white.png
@ -8,4 +13,4 @@ name: frr-k8s
sources:
- https://github.com/metallb/frr-k8s
type: application
version: 0.0.15
version: 0.0.16

16
metallb-chart/charts/frr-k8s/README.md

@ -1,6 +1,6 @@
# frr-k8s
![Version: 0.0.14](https://img.shields.io/badge/Version-0.0.14-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.14](https://img.shields.io/badge/AppVersion-v0.0.14-informational?style=flat-square)
![Version: 0.0.16](https://img.shields.io/badge/Version-0.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.16](https://img.shields.io/badge/AppVersion-v0.0.16-informational?style=flat-square)
A cloud native wrapper of FRR
@ -16,7 +16,7 @@ Kubernetes: `>= 1.19.0-0`
| Repository | Name | Version |
|------------|------|---------|
| | crds | 0.0.14 |
| | crds | 0.0.16 |
## Values
@ -27,17 +27,17 @@ Kubernetes: `>= 1.19.0-0`
| frrk8s.affinity | object | `{}` | |
| frrk8s.alwaysBlock | string | `""` | |
| frrk8s.disableCertRotation | bool | `false` | |
| frrk8s.frr.acceptIncomingBGPConnections | bool | `false` | |
| frrk8s.frr.image.pullPolicy | string | `nil` | |
| frrk8s.frr.image.repository | string | `"quay.io/frrouting/frr"` | |
| frrk8s.frr.image.tag | string | `"9.1.0"` | |
| frrk8s.frr.image.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/frr"` | |
| frrk8s.frr.image.tag | string | `"8.5.6"` | |
| frrk8s.frr.metricsBindAddress | string | `"127.0.0.1"` | |
| frrk8s.frr.metricsPort | int | `7573` | |
| frrk8s.frr.resources | object | `{}` | |
| frrk8s.frr.secureMetricsPort | int | `9141` | |
| frrk8s.frrMetrics.resources | object | `{}` | |
| frrk8s.healthPort | int | `8081` | |
| frrk8s.image.pullPolicy | string | `nil` | |
| frrk8s.image.repository | string | `"quay.io/metallb/frr-k8s"` | |
| frrk8s.image.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/frr-k8s"` | |
| frrk8s.image.tag | string | `nil` | |
| frrk8s.labels.app | string | `"frr-k8s"` | |
| frrk8s.livenessProbe.enabled | bool | `true` | |
@ -77,8 +77,8 @@ Kubernetes: `>= 1.19.0-0`
| prometheus.namespace | string | `""` | |
| prometheus.rbacPrometheus | bool | `false` | |
| prometheus.rbacProxy.pullPolicy | string | `nil` | |
| prometheus.rbacProxy.repository | string | `"gcr.io/kubebuilder/kube-rbac-proxy"` | |
| prometheus.rbacProxy.tag | string | `"v0.12.0"` | |
| prometheus.rbacProxy.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/kube-rbac-proxy"` | |
| prometheus.rbacProxy.tag | string | `"v0.18.0"` | |
| prometheus.scrapeAnnotations | bool | `false` | |
| prometheus.secureMetricsPort | int | `9140` | |
| prometheus.serviceAccount | string | `""` | |

23
metallb-chart/charts/frr-k8s/charts/crds/.helmignore Normal file

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

10
metallb-chart/charts/frr-k8s/charts/crds/Chart.yaml Normal file

@ -0,0 +1,10 @@
apiVersion: v2
appVersion: v0.0.16
description: FRR K8s CRDs
home: https://metallb.universe.tf
icon: https://metallb.universe.tf/images/logo/metallb-white.png
name: crds
sources:
- https://github.com/metallb/frr-k8s
type: application
version: 0.0.16

14
metallb-chart/charts/frr-k8s/charts/crds/README.md Normal file

@ -0,0 +1,14 @@
# crds
![Version: 0.0.0](https://img.shields.io/badge/Version-0.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.0](https://img.shields.io/badge/AppVersion-v0.0.0-informational?style=flat-square)
FRR-K8s CRDs
**Homepage:** <https://metallb.universe.tf>
## Source Code
* <https://github.com/metallb/frr-k8s>
----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0)

17
metallb-chart/charts/frr-k8s/crds/frrk8s.metallb.io_frrconfigurations.yaml → metallb-chart/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml

@ -156,8 +156,9 @@ spec:
the session with.
type: string
asn:
description: ASN is the AS number to use for the local
end of the session.
description: |-
ASN is the AS number to use for the local end of the session.
ASN and DynamicASN are mutually exclusive and one of them must be specified.
format: int32
maximum: 4294967295
minimum: 0
@ -187,6 +188,17 @@ spec:
will separate IPv4 and IPv6 route exchanges into
distinct BGP sessions.
type: boolean
dynamicASN:
description: |-
DynamicASN detects the AS number to use for the local end of the session
without explicitly setting it via the ASN field. Limited to:
internal - if the neighbor's ASN is different than the router's the connection is denied.
external - if the neighbor's ASN is the same as the router's the connection is denied.
ASN and DynamicASN are mutually exclusive and one of them must be specified.
enum:
- internal
- external
type: string
ebgpMultiHop:
description: EBGPMultiHop indicates if the BGPPeer
is multi-hops away.
@ -366,7 +378,6 @@ spec:
type: object
required:
- address
- asn
type: object
type: array
prefixes:

0
metallb-chart/charts/frr-k8s/crds/frrk8s.metallb.io_frrnodestates.yaml → metallb-chart/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrnodestates.yaml

11
metallb-chart/charts/frr-k8s/templates/controller.yaml

@ -50,7 +50,7 @@ data:
#
vtysh_enable=yes
zebra_options=" -A 127.0.0.1 -s 90000000"
bgpd_options=" -A 127.0.0.1"
bgpd_options=" -A 127.0.0.1 {{ if not .Values.frrk8s.frr.acceptIncomingBGPConnections }} -p 0 {{- end }}"
ospfd_options=" -A 127.0.0.1"
ospf6d_options=" -A ::1"
ripd_options=" -A 127.0.0.1"
@ -199,7 +199,6 @@ spec:
{{- with .Values.frrk8s.logLevel }}
- --log-level={{ . }}
{{- end }}
- --health-probe-bind-address={{.Values.prometheus.metricsBindAddress}}:{{ .Values.frrk8s.healthPort }}
{{- if .Values.frrk8s.alwaysBlock }}
- --always-block={{ .Values.frrk8s.alwaysBlock }}
{{- end }}
@ -222,8 +221,8 @@ spec:
{{- if .Values.frrk8s.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /healthz
port: {{ .Values.frrk8s.healthPort }}
path: /metrics
port: monitoring
host: {{ .Values.prometheus.metricsBindAddress }}
initialDelaySeconds: {{ .Values.frrk8s.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.frrk8s.livenessProbe.periodSeconds }}
@ -234,8 +233,8 @@ spec:
{{- if .Values.frrk8s.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /healthz
port: {{ .Values.frrk8s.healthPort }}
path: /metrics
port: monitoring
host: {{ .Values.prometheus.metricsBindAddress }}
initialDelaySeconds: {{ .Values.frrk8s.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.frrk8s.readinessProbe.periodSeconds }}

13
metallb-chart/charts/frr-k8s/templates/webhooks.yaml

@ -46,7 +46,7 @@ spec:
- "--restart-on-rotator-secret-refresh=true"
{{- end }}
- "--namespace=$(NAMESPACE)"
- --health-probe-bind-address=:8081
- "--metrics-bind-address=:{{ .Values.prometheus.metricsPort }}"
env:
- name: NAMESPACE
valueFrom:
@ -63,11 +63,14 @@ spec:
drop:
- ALL
readOnlyRootFilesystem: true
ports:
- containerPort: {{ .Values.prometheus.metricsPort }}
name: monitoring
{{- if .Values.frrk8s.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /healthz
port: 8081
path: /metrics
port: monitoring
initialDelaySeconds: {{ .Values.frrk8s.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.frrk8s.livenessProbe.periodSeconds }}
failureThreshold: {{ .Values.frrk8s.livenessProbe.failureThreshold }}
@ -75,8 +78,8 @@ spec:
{{- if .Values.frrk8s.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /readyz
port: 8081
path: /metrics
port: monitoring
initialDelaySeconds: {{ .Values.frrk8s.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.frrk8s.readinessProbe.periodSeconds }}
failureThreshold: {{ .Values.frrk8s.readinessProbe.failureThreshold }}

9
metallb-chart/charts/frr-k8s/values.yaml

@ -53,7 +53,7 @@ prometheus:
# the image to be used for the kuberbacproxy container
rbacProxy:
repository: "registry.opensuse.org/isv/suse/edge/metallb/images/kube-rbac-proxy"
tag: "v0.18.0"
tag: "v0.18.1"
pullPolicy: IfNotPresent
# Prometheus Operator ServiceMonitors.
@ -98,7 +98,7 @@ frrk8s:
tolerateMaster: true
image:
repository: "registry.opensuse.org/isv/suse/edge/metallb/images/frr-k8s"
tag: "v0.0.14"
tag: "v0.0.16"
pullPolicy: IfNotPresent
## @param controller.updateStrategy.type FRR-K8s controller daemonset strategy type
## ref: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/
@ -132,7 +132,6 @@ frrk8s:
podAnnotations: {}
labels:
app: frr-k8s
healthPort: 8081
livenessProbe:
enabled: true
failureThreshold: 3
@ -162,15 +161,17 @@ frrk8s:
frr:
image:
repository: "registry.opensuse.org/isv/suse/edge/metallb/images/frr"
tag: "8.4"
tag: "8.5.6"
pullPolicy: IfNotPresent
metricsBindAddress: 127.0.0.1
metricsPort: 7573
resources: {}
secureMetricsPort: 9141
acceptIncomingBGPConnections: false
reloader:
resources: {}
frrMetrics:
resources: {}
crds:
enabled: true
validationFailurePolicy: Fail

11
metallb-chart/charts/metallb-crds/README.md

@ -1,11 +0,0 @@
# crds
![Version: 0.14.3](https://img.shields.io/badge/Version-0.14.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.14.3](https://img.shields.io/badge/AppVersion-v0.14.3-informational?style=flat-square)
MetalLB CRDs
**Homepage:** <https://metallb.universe.tf>
## Source Code
* <https://github.com/metallb/metallb>

1
metallb-chart/templates/_helpers.tpl

@ -111,3 +111,4 @@ Create the name of the settings Secret to use.
{{ .Values.speaker.frr.metricsPort }}
{{- end }}
{{- end }}

2
metallb-chart/templates/controller.yaml

@ -84,7 +84,7 @@ spec:
- name: METALLB_DEPLOYMENT
value: {{ template "metallb.fullname" . }}-controller
{{- end }}
{{- if .Values.speaker.frr.enabled }}
{{- if and .Values.speaker.enabled .Values.speaker.frr.enabled }}
- name: METALLB_BGP_TYPE
value: frr
{{- end }}

2
metallb-chart/templates/podmonitor.yaml

@ -36,6 +36,7 @@ spec:
relabelings:
{{- toYaml .Values.prometheus.podMonitor.relabelings | nindent 4 }}
{{- end }}
{{- if .Values.speaker.enabled }}
---
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
@ -74,6 +75,7 @@ spec:
relabelings:
{{- toYaml .Values.prometheus.podMonitor.relabelings | nindent 4 }}
{{- end }}
{{- end }}
---
{{- if .Values.prometheus.rbacPrometheus }}
apiVersion: rbac.authorization.k8s.io/v1

20
metallb-chart/templates/prometheusrules.yaml

@ -19,8 +19,8 @@ spec:
{{- if .Values.prometheus.prometheusRule.staleConfig.enabled }}
- alert: MetalLBStaleConfig
annotations:
message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod
}} has a stale config for > 1 minute'`}}
summary: {{`'Stale config on {{ $labels.pod }}'`}}
description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has a stale config for > 1 minute'`}}
expr: metallb_k8s_client_config_stale_bool{job=~"{{ template "metallb.fullname" . }}.*"} == 1
for: 1m
{{- with .Values.prometheus.prometheusRule.staleConfig.labels }}
@ -31,8 +31,8 @@ spec:
{{- if .Values.prometheus.prometheusRule.configNotLoaded.enabled }}
- alert: MetalLBConfigNotLoaded
annotations:
message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod
}} has not loaded for > 1 minute'`}}
summary: {{`'Config on {{ $labels.pod }} has not been loaded'`}}
description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has not loaded for > 1 minute'`}}
expr: metallb_k8s_client_config_loaded_bool{job=~"{{ template "metallb.fullname" . }}.*"} == 0
for: 1m
{{- with .Values.prometheus.prometheusRule.configNotLoaded.labels }}
@ -43,8 +43,8 @@ spec:
{{- if .Values.prometheus.prometheusRule.addressPoolExhausted.enabled }}
- alert: MetalLBAddressPoolExhausted
annotations:
message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod
}} has exhausted address pool {{ $labels.pool }} for > 1 minute'`}}
summary: {{`'Exhausted address pool on {{ $labels.pod }}'`}}
description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has exhausted address pool {{ $labels.pool }} for > 1 minute'`}}
expr: metallb_allocator_addresses_in_use_total >= on(pool) metallb_allocator_addresses_total
for: 1m
{{- with .Values.prometheus.prometheusRule.addressPoolExhausted.labels }}
@ -57,8 +57,8 @@ spec:
{{- range .Values.prometheus.prometheusRule.addressPoolUsage.thresholds }}
- alert: MetalLBAddressPoolUsage{{ .percent }}Percent
annotations:
message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod
}} has address pool {{ $labels.pool }} past `}}{{ .percent }}{{`% usage for > 1 minute'`}}
summary: {{`'Exhausted address pool on {{ $labels.pod }}'`}}
message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has address pool {{ $labels.pool }} past `}}{{ .percent }}{{`% usage for > 1 minute'`}}
expr: ( metallb_allocator_addresses_in_use_total / on(pool) metallb_allocator_addresses_total ) * 100 > {{ .percent }}
{{- with .labels }}
labels:
@ -69,8 +69,8 @@ spec:
{{- if .Values.prometheus.prometheusRule.bgpSessionDown.enabled }}
- alert: MetalLBBGPSessionDown
annotations:
message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod
}} has BGP session {{ $labels.peer }} down for > 1 minute'`}}
summary: {{`'BGP session down on {{ $labels.pod }}'`}}
message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has BGP session {{ $labels.peer }} down for > 1 minute'`}}
expr: metallb_bgp_session_up{job=~"{{ template "metallb.fullname" . }}.*"} == 0
for: 1m
{{- with .Values.prometheus.prometheusRule.bgpSessionDown.labels }}

12
metallb-chart/templates/rbac.yaml

@ -19,11 +19,11 @@ rules:
resources: ["events"]
verbs: ["create", "patch"]
- apiGroups: ["admissionregistration.k8s.io"]
resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"]
resources: ["validatingwebhookconfigurations"]
resourceNames: ["metallb-webhook-configuration"]
verbs: ["create", "delete", "get", "list", "patch", "update", "watch"]
- apiGroups: ["admissionregistration.k8s.io"]
resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"]
resources: ["validatingwebhookconfigurations"]
verbs: ["list", "watch"]
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
@ -41,6 +41,7 @@ rules:
resources: ["subjectaccessreviews"]
verbs: ["create"]
{{- end }}
{{- if .Values.speaker.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@ -72,7 +73,7 @@ rules:
{{- if or .Values.frrk8s.enabled .Values.frrk8s.external }}
- apiGroups: ["frrk8s.metallb.io"]
resources: ["frrconfigurations"]
verbs: ["get", "list", "watch","create","update"]
verbs: ["get", "list", "watch","create","update","delete"]
{{- end }}
---
apiVersion: rbac.authorization.k8s.io/v1
@ -109,6 +110,7 @@ rules:
- apiGroups: ["metallb.io"]
resources: ["communities"]
verbs: ["get", "list", "watch"]
{{- end }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
@ -117,7 +119,7 @@ metadata:
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "metallb.labels" . | nindent 4 }}
rules:
{{- if .Values.speaker.memberlist.enabled }}
{{- if and .Values.speaker.enabled .Values.speaker.memberlist.enabled }}
- apiGroups: [""]
resources: ["secrets"]
verbs: ["create", "get", "list", "watch"]
@ -166,6 +168,7 @@ roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "metallb.fullname" . }}:controller
{{- if .Values.speaker.enabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
@ -195,6 +198,7 @@ roleRef:
subjects:
- kind: ServiceAccount
name: {{ include "metallb.speaker.serviceAccountName" . }}
{{- end }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding

2
metallb-chart/templates/service-accounts.yaml

@ -13,7 +13,7 @@ metadata:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
{{- if .Values.speaker.serviceAccount.create }}
{{- if and .Values.speaker.enabled .Values.speaker.serviceAccount.create }}
---
apiVersion: v1
kind: ServiceAccount

7
metallb-chart/templates/servicemonitor.yaml

@ -1,4 +1,9 @@
{{- if and .Values.prometheus.serviceMonitor.enabled .Values.prometheus.podMonitor.enabled }}
{{- fail "prometheus.serviceMonitor.enabled and prometheus.podMonitor.enabled cannot both be set" }}
{{- end }}
{{- if .Values.prometheus.serviceMonitor.enabled }}
{{- if .Values.speaker.enabled }}
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
@ -89,6 +94,7 @@ spec:
{{- end }}
sessionAffinity: None
type: ClusterIP
{{- end }}
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
@ -97,7 +103,6 @@ metadata:
namespace: {{ .Release.Namespace | quote }}
labels:
{{- include "metallb.labels" . | nindent 4 }}
app.kubernetes.io/component: speaker
{{- if .Values.prometheus.serviceMonitor.controller.additionalLabels }}
{{ toYaml .Values.prometheus.serviceMonitor.controller.additionalLabels | indent 4 }}
{{- end }}

30
metallb-chart/values.yaml

@ -45,7 +45,7 @@ prometheus:
# certificate to be used.
controllerMetricsTLSSecret: ""
# prometheus doens't have the permission to scrape all namespaces so we give it permission to scrape metallb's one
# prometheus doesn't have the permission to scrape all namespaces so we give it permission to scrape metallb's one
rbacPrometheus: true
# the service account used by prometheus
@ -67,7 +67,7 @@ prometheus:
# enable support for Prometheus Operator
enabled: false
# optional additionnal labels for podMonitors
# optional additional labels for podMonitors
additionalLabels: {}
# optional annotations for podMonitors
@ -146,7 +146,7 @@ prometheus:
# enable alertmanager alerts
enabled: false
# optional additionnal labels for prometheusRules
# optional additional labels for prometheusRules
additionalLabels: {}
# optional annotations for prometheusRules
@ -168,7 +168,7 @@ prometheus:
addressPoolExhausted:
enabled: true
labels:
severity: alert
severity: critical
addressPoolUsage:
enabled: true
@ -181,13 +181,13 @@ prometheus:
severity: warning
- percent: 95
labels:
severity: alert
severity: critical
# MetalLBBGPSessionDown
bgpSessionDown:
enabled: true
labels:
severity: alert
severity: critical
extraAlerts: []
@ -201,7 +201,7 @@ controller:
# webhookMode: enabled
image:
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%metallb-controller"
tag: "v0.14.8"
tag: "v0.14.9"
pullPolicy: IfNotPresent
## @param controller.updateStrategy.type Metallb controller deployment strategy type.
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
@ -282,7 +282,7 @@ speaker:
image:
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%metallb-speaker"
tag: "v0.14.8"
tag: "v0.14.9"
pullPolicy: IfNotPresent
## @param speaker.updateStrategy.type Speaker daemonset strategy type
## ref: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/
@ -346,7 +346,7 @@ speaker:
enabled: false
image:
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%frr"
tag: "8.4"
tag: "8.5.6"
pullPolicy: IfNotPresent
metricsPort: 7473
resources: {}
@ -378,3 +378,15 @@ frrk8s:
enabled: false
external: false
namespace: ""
# Override any settings for the metallb frr-k8s service here
metallb-frr-k8s:
prometheus:
rbacProxy:
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%kube-rbac-proxy"
frrk8s:
image:
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%frr-k8s"
frr:
image:
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%frr"

2
metallb/_service

@ -2,7 +2,7 @@
<service name="obs_scm">
<param name="url">https://github.com/metallb/metallb</param>
<param name="scm">git</param>
<param name="revision">v0.14.8</param>
<param name="revision">v0.14.9</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>

8
metallb/metallb.spec

@ -17,8 +17,8 @@
Name: metallb
Version: 0.14.8
Release: 0.14.8
Version: 0.14.9
Release: 0.14.9
Summary: Load Balancer for bare metal Kubernetes clusters
License: Apache-2.0
URL: https://github.com/metallb/metallb
@ -54,7 +54,7 @@ This package contains the speaker binary.
cp ./frr-tools/reloader/frr-reloader.sh frr-reloader.sh
%build
go install -v -mod vendor -buildmode=pie ./controller ./speaker ./frr-tools/metrics
go install -v -mod vendor -buildmode=pie ./controller ./speaker ./frr-tools/metrics ./frr-tools/cp-tool
mv $HOME/go/bin/metrics $HOME/go/bin/frr-metrics
%install
@ -63,6 +63,7 @@ mkdir -p %{buildroot}%{_sbindir}/
install -D -m 0755 $HOME/go/bin/controller %{buildroot}/
install -D -m 0755 $HOME/go/bin/speaker %{buildroot}/
install -D -m 0755 $HOME/go/bin/frr-metrics %{buildroot}/
install -D -m 0755 $HOME/go/bin/cp-tool %{buildroot}/
install -D -m 0755 frr-reloader.sh %{buildroot}/
%files controller
@ -73,6 +74,7 @@ install -D -m 0755 frr-reloader.sh %{buildroot}/
%license LICENSE
/speaker
/frr-metrics
/cp-tool
/frr-reloader.sh
%changelog